Anyone checking into a hotel this holiday season should be extra careful with their personal and work-issued devices and data.

The accommodations sector had the second highest number of data breaches last year with 338 breaches and 368 incidents, according to the 2018 Verizon Data Breach Investigations Report. While most were compromised credit and debit cards (called point-of-sale POS intrusions), mobile devices and physical data were also under attack.

Here are five travel security tips to dodge the data thieves while traveling this holiday season.

Choose a hotel with ‘5-star security’. Hotels are keen to highlight their security initiatives to guests. A study by the International Journal of Contemporary Hospitality Management showed that data breaches not only hurt the bottom line but they can damage reputation and affect whether guests return or not. At the time of booking, always ask about security policies. New technology being used includes mobile key cards and advanced monitoring systems that can help protect property and personal information, even sending alerts when and if someone tries to break into a room. Hotels should have a crisis response procedure and a Shred-it all Policy so all guest-related documents that are no longer needed are destroyed. There should also be secure handling processes for payment card data and other personally identifiable information (PII).

Double-lock the door on criminals. Before your holiday even starts, the IT department should adjust enterprise permissions on mobile devices based on what work data and resources are needed. On the road, always lock devices. Also, install all patches and updates immediately (in research, 82% of breaches occurred because software patches were not updated). Use strong passwords – and change them on devices and accounts when the holiday is over.

Pack light. Only carry data that is required for the work you want to do; the same goes for personal credentials and credit cards. Always be aware of where confidential data is, and never leave it unattended. Lock confidential documents in a briefcase or the hotel safe. Use the hotel’s secure document destruction service to destroy information you no longer need.

Do not leave anything for ‘evil maids’. ‘Evil Maid’ is a new kind of attack that occurs when a device is left open for a moment and compromised by a criminal. This can happen when a computer is left behind unsecured in a hotel room or anywhere. Never leave devices unattended. Shut them down, lock them, and do not let anyone use your mobile devices.

Avoid free Wi-Fi in restaurants and other public places. In a recent survey by security firm ObserveIT, 77% of employees said they would use free or unlocked Wi-Fi while using a work computer or phone during travel. But security on these networks is lax or nonexistent. Always use a virtual private network (VPN) for a secure connection between the workplace and remote devices. Also, use personal hot spots and password-protected Wi-Fi networks as well as personal mobile phone data. Connecting through Bluetooth encrypts the data.

Start Protecting Your Business
To learn more about how Shred-it can protect your documents and hard drives, please contact us to get a free quote and security risk assessment.

100% NAID Certified. North American Shred-it locations are NAID Certified for mobile document destruction, adhering to the stringent security practices and procedures established by the National Association for Information Destruction.

In compliance with the American Disabilities Act Amendment (ADAAA), Accessibility for Ontarians with Disabilities Act (AODA) and other state or province accessibility laws and regulations, if you use a screen reader and need help with this website or have feedback or inquiries about accessing material on this website because of a disability, contact Accessibility@stericycle.com.
Our policy is available in accessible formats upon request.